{"id":3279,"date":"2011-09-08T08:27:55","date_gmt":"2011-09-08T07:27:55","guid":{"rendered":"http:\/\/blog.intego.com\/?p=3279"},"modified":"2023-04-11T17:53:39","modified_gmt":"2023-04-12T00:53:39","slug":"firefox-update-blocks-diginotar-security-certificates","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/","title":{"rendered":"Firefox Update Blocks DigiNotar Security Certificates"},"content":{"rendered":"<p>We <a href=\"https:\/\/www.intego.com\/mac-security-blog\/fraudulent-google-com-certificate-causes-worries\/\">recently reported about fraudulent SSL certificates issued by DigiNotar, a Dutch certificate authority<\/a>. The extent of this problem has slowly become apparent, as it was found that the breach was due to <a href=\"http:\/\/www.h-online.com\/security\/news\/item\/DigiNotar-breach-due-to-disastrous-security-Update-1337573.html\">&#8220;disastrous security&#8221; at the company<\/a>, and the certificates were <a href=\"http:\/\/www.infoworld.com\/d\/security\/diginotar-certificates-are-pulled-not-smartphones-171834\">pulled on browsers but not on smartphones<\/a>.<\/p>\n<p>The Mozilla Foundation has released Firefox 6.0.2, as well as updates to other programs (Firefox Mobile 6.0.2, Firefox 3.6.22, Thunderbird 6.0.2, Thunderbird 3.1.14 and SeaMonkey 2.3.3) to fix some of the problems relative to these certificates. A previous update blocked DigiNotar&#8217;s certificates, but <a href=\"http:\/\/www.mozilla.org\/security\/announce\/2011\/mfsa2011-35.html\">this update distrusts all DigiNotar certificates and several intermediates<\/a>.<\/p>\n<blockquote><p>Removing the root as in our previous fix meant the certificates could be considered valid if cross-signed by another Certificate Authority. Importantly this list of distrusted certificates includes the &#8220;PKIOverheid&#8221; (PKIGovernment) intermediates under DigiNotar&#8217;s control that did not chain to DigiNotar&#8217;s root and were not previously blocked.<\/p><\/blockquote>\n<p>Certificates stolen include some for <a href=\"http:\/\/www.computerworld.com\/s\/article\/9219727\/Hackers_steal_SSL_certificates_for_CIA_MI6_Mossad\">the CIA, MI6 and Mossad<\/a>, so this issue is clearly shaking the weak foundation of the SSL protocol, showing how easy it is to circumvent.<\/p>\n<p>So make sure to update Firefox if you use it. We can expect a security update from Apple soon to deal with these same problems.<\/p>\n<p>For even more information about the DigiNotar breach, see Joshua Long&#8217;s comprehensive article on <a href=\"https:\/\/security.thejoshmeister.com\/2011\/08\/how-to-revoke-trust-for-diginotar-root.html\" target=\"_blank\" rel=\"noopener\">How to Revoke Trust for DigiNotar Root CA Certs\u2014Even On Older Macs<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A Firefox update protects users from hacked SSL certificates.<\/p>\n","protected":false},"author":3,"featured_media":8897,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[13],"tags":[4678,56,119,128,129],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<meta name=\"description\" content=\"A Firefox update protects users from hacked SSL certificates.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Firefox Update Blocks DigiNotar Security Certificates - The Mac Security Blog\" \/>\n<meta property=\"og:description\" content=\"A Firefox update protects users from hacked SSL certificates.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/\" \/>\n<meta property=\"og:site_name\" content=\"The Mac Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2011-09-08T07:27:55+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-04-12T00:53:39+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/firefox-icon.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"400\" \/>\n\t<meta property=\"og:image:height\" content=\"260\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Peter James\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\",\"name\":\"Intego\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"width\":875,\"height\":875,\"caption\":\"Intego\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"name\":\"The Mac Security Blog\",\"description\":\"Keep Macs safe from the dangers of the Internet\",\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/firefox-icon.jpg\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/firefox-icon.jpg\",\"width\":\"400\",\"height\":\"260\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/#webpage\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/\",\"name\":\"Firefox Update Blocks DigiNotar Security Certificates - The Mac Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/#primaryimage\"},\"datePublished\":\"2011-09-08T07:27:55+00:00\",\"dateModified\":\"2023-04-12T00:53:39+00:00\",\"description\":\"A Firefox update protects users from hacked SSL certificates.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.intego.com\/mac-security-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Firefox Update Blocks DigiNotar Security Certificates\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116\"},\"headline\":\"Firefox Update Blocks DigiNotar Security Certificates\",\"datePublished\":\"2011-09-08T07:27:55+00:00\",\"dateModified\":\"2023-04-12T00:53:39+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/#webpage\"},\"wordCount\":230,\"commentCount\":1,\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/firefox-icon.jpg\",\"keywords\":[\"DigiNotar\",\"Firefox\",\"Security Update\",\"TLS\/SSL Certificate\",\"TLS\/SSL Certificates\"],\"articleSection\":[\"Security &amp; Privacy\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/#respond\"]}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116\",\"name\":\"Peter James\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g\",\"caption\":\"Peter James\"},\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/author\/peter\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"description":"A Firefox update protects users from hacked SSL certificates.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/","og_locale":"en_US","og_type":"article","og_title":"Firefox Update Blocks DigiNotar Security Certificates - The Mac Security Blog","og_description":"A Firefox update protects users from hacked SSL certificates.","og_url":"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/","og_site_name":"The Mac Security Blog","article_published_time":"2011-09-08T07:27:55+00:00","article_modified_time":"2023-04-12T00:53:39+00:00","og_image":[{"width":"400","height":"260","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/firefox-icon.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_misc":{"Written by":"Peter James","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization","name":"Intego","url":"https:\/\/www.intego.com\/mac-security-blog\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","width":875,"height":875,"caption":"Intego"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo"}},{"@type":"WebSite","@id":"https:\/\/www.intego.com\/mac-security-blog\/#website","url":"https:\/\/www.intego.com\/mac-security-blog\/","name":"The Mac Security Blog","description":"Keep Macs safe from the dangers of the Internet","publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/#primaryimage","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/firefox-icon.jpg","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/firefox-icon.jpg","width":"400","height":"260"},{"@type":"WebPage","@id":"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/#webpage","url":"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/","name":"Firefox Update Blocks DigiNotar Security Certificates - The Mac Security Blog","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/#primaryimage"},"datePublished":"2011-09-08T07:27:55+00:00","dateModified":"2023-04-12T00:53:39+00:00","description":"A Firefox update protects users from hacked SSL certificates.","breadcrumb":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.intego.com\/mac-security-blog\/"},{"@type":"ListItem","position":2,"name":"Firefox Update Blocks DigiNotar Security Certificates"}]},{"@type":"Article","@id":"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/#article","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/#webpage"},"author":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116"},"headline":"Firefox Update Blocks DigiNotar Security Certificates","datePublished":"2011-09-08T07:27:55+00:00","dateModified":"2023-04-12T00:53:39+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/#webpage"},"wordCount":230,"commentCount":1,"publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/#primaryimage"},"thumbnailUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/firefox-icon.jpg","keywords":["DigiNotar","Firefox","Security Update","TLS\/SSL Certificate","TLS\/SSL Certificates"],"articleSection":["Security &amp; Privacy"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/#respond"]}]},{"@type":"Person","@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116","name":"Peter James","image":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g","caption":"Peter James"},"url":"https:\/\/www.intego.com\/mac-security-blog\/author\/peter\/"}]}},"jetpack_featured_media_url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/firefox-icon.jpg","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4VAYd-QT","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/3279"}],"collection":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/comments?post=3279"}],"version-history":[{"count":1,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/3279\/revisions"}],"predecessor-version":[{"id":97693,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/3279\/revisions\/97693"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media\/8897"}],"wp:attachment":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media?parent=3279"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/categories?post=3279"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/tags?post=3279"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}